Computing and Network Policy

Code for Ethical Use of Computing Resources

All members of the Bentley community make use of technology – for example, personal computers, smartphones, application software, Bentley’s network and server infrastructure and the Internet – in pursuing their primary academic and administrative endeavors at the university. Using the university's technology resources for incidental purposes is also permitted, but all usage use must comply with state and federal laws, as well as with Bentley’s own policies governing appropriate use of technology. Bentley requires that technology resources are not 1) used in a way that consumes excessive network resources; 2) abused or wasted; 3) employed in a way that interferes with, damages or harms a person; 4) employed in a way that intentionally interferes with the business operations of the university or any other company; 5) used for commercial gain; 6) used for dishonest or personal advantage; or 7) used to publicly convey what would reasonably be considered a private matter concerning another employee or student. With the exception of employment-related endeavors, excessive use of network resources is defined as individual consumption of bandwidth that is greater than 10 times the average. Computing resources may not be used to promote or facilitate illegal or inappropriate activities or to facilitate actions that violate academic integrity (these may include, but are not limited to, harassment, theft, child pornography, sending or receiving pornographic images, selling papers or other course work, or copyright violation (including the distribution and reception of copyright protected music, movies and games which are obtained illegally). Please be aware that Bentley will cooperate with internal and external authorities in the investigation of illegal activities. Bentley is also obligated to report any instances of child pornography to the appropriate authorities.

Bentley has a legitimate interest in protecting its investment in technology. Toward this end, the university reserves the right to require the registration of all technology-related devices used on campus, regardless of whether the device is owned by the institution or an individual; to prevent or restrict the use of technology brought on campus by faculty, staff and students; to identify and quarantine devices suspected of adversely affecting the network; to employ tools to monitor (at the port level) network-related activity, including bandwidth consumption and point-to-point file transfers; to monitor bandwidth consumption and restrict or eliminate bandwidth allocation to specific devices; to monitor the transmission and storage of confidential information; and to terminate without notice individual network and Internet access upon detecting activities that violate the law or university policies.

Violations of this policy may result in temporary or permanent loss of technology-related privileges including Internet, network and e-mail access, fines, assignment of financial responsibility, discipline up to and including immediate termination of employment, expulsion as a student, and legal action.

  • For contractors and other external vendors, sanctions may also include immediate dismissal, termination of contract, and legal action.

  • Employee violations will be handled by the employee's supervisor, in conjunction with the divisional vice president and the Department of Human Resources.

  • Student violations will be referred to the Student Affair’s judicial process or Bentley’s academic integrity process, or both. In cases where individuals are uncertain about whether or not a violation has occurred, students should consult the dean of student affairs; faculty should consult their respective dean; and administrative staff should consult their divisional vice president.

Certain kinds of computer abuse and computer-related fraud are not only prohibited by this policy, but are illegal and punishable by any or all of the following: civil sanctions, criminal fines or imprisonment. Copies of Fraud and Related Activity in Connection with Computers (18 U.S.C. § 1030) and the Wiretap and Electronic Communications Privacy Acts (18 U.S.C. §§ 2510-2520, 2701, 2710) are available from Bentley's Human Resources Department or the Computing Services Desk. The university may report suspected illegal conduct to the appropriate authorities.

Limitations on Use of Computing Resources

Individual Access

All members of the community are obliged to act responsibly in the use of technology.  Faculty, staff and students are expected to provide and maintain accurate data about themselves (i.e. date of birth, address, Social Security number, etc.) when updating personal information on any of Bentley's administrative and academic systems.
An individual may access only those accounts, files, software, and other computing resources authorized under his or her particular username and password and for which a legal license exists. Individuals must take reasonable precautions to protect his or her account(s) information, including passwords, usernames and PINs. Sharing individual IDs and passwords is expressly prohibited. All members of the Bentley community are expected to exercise care in logging out of network resources and applications, in regularly changing their individual password(s), and in maintaining the confidentiality of their password. It is also a violation of Massachusetts law to access a password protected file without proper authorization.

An individual who intentionally shares their user ID and password with another person, where the primary intent is to provide access where it would otherwise be unavailable, may be subject to disciplinary action up to and including expulsion and immediate termination.

Hacking

Hacking is the intentional, unauthorized access to hardware or software. A hacker is a person who breaks into computers, usually by gaining access to administrative controls, with the intent to take over, read, modify, or cause damage. With the exception of specific course-based activities designed to educate students which are conducted under the aegis of the CIS or IPM Departments, Bentley will not tolerate hacking by students, employees, contractors, consultants, volunteers, visitors, or any other person or device. Responsible parties include those who instigate, plan, initiate, participate in, or perform hacking offenses. 

Students, employees, volunteers, consultants and contractors suspected of engaging in hacking are expected to cooperate fully with Bentley and legal authorities in the investigation of such incidents. In investigating complaints of possible violation of university policy, Bentley reserves the right to examine the contents of personal computers used by faculty, staff and students or other computers attached to our network, without prior consent or knowledge of the individual being investigated. Bentley also reserves the right to confiscate computers used by faculty, staff and students. Cooperation may include, but is not limited to, providing transaction logs, copies of electronic mail messages, data files, usage records, hardware, account and password information, or other information as required by those authorities. Those who are financially responsible for the perpetrators, such as parents or guardians, may also be held accountable.

Commercial Use

For-profit activities may be conducted on the Bentley network only under the auspices of officially recognized and sanctioned campus organizations or academic and administrative programs (i.e., service-learning, scholarship fundraising, etc.). Independent businesses may not be developed or cultivated using university technology resources. Bentley reserves the right to remove, without warning, unapproved commercial sites. To seek approval for officially recognized and sanctioned programs, students should consult the dean of student affairs; faculty should consult their respective dean; and employees should consult their divisional vice president. 

Permission to Record

Faculty, staff and students may not use any technology resources on campus, especially those available on personal devices, to record conversations, lectures, or classroom interactions without the express consent of those individuals being recorded.  Such actions may also violate state and federal law. Faculty, at their sole discretion, may elect to make their lectures available for recording. Members of the Bentley community who intentionally record other students, faculty and staff without their prior written consent may form the basis of a civil libel action and may be subject to disciplinary action up to and including immediate termination and expulsion. 

File Sharing Applications and Copyright Law

Person-to-person (P2P) applications allow individuals to electronically exchange music, movies, videos, software, games and other kinds of copyright-protected and non-copyright-protected information. While some owners of music, movies and software explicitly allow their products to be copied, many do not. It is best to assume that these materials are copyright protected, unless explicitly stated otherwise. Downloading and making available to other individuals copyrighted material, such as music, movies, videos, text and software, without permission of the rightful owner, violates the United States Copyright Act (Title 17, United States Code), which has significant potential liability for damages.  Moreover, using P2P file sharing applications may contribute to an excessive consumption of bandwidth and create a potential security risk, which also violates Bentley policy.

As part of Bentley’s efforts to comply with copyright law, Bentley’s Digital Millennium Copyright Act (DMCA) Policy can be viewed here. This policy outlines the specific procedures that Bentley will take if the university receives any copyright infringement notices.

Violations of copyright law may result in temporary or permanent loss of access rights, fines, assignment of financial responsibility, disciplinary action up to and including immediate termination of employment, expulsion as a student, and legal action.

Social Media 

Bentley is committed to maintaining an environment in which opposing views on issues of the day may be fully and freely aired. Such an environment requires all community members to tolerate expressions of opinion that differ from their own and that, in some instances, some people may find unpalatable; however, activities that violate the university’s policy against harassment, or that constitute an invasion of another’s privacy, do not promote free expression and undermine the environment that the university seeks to maintain. They also may result in the imposition of sanctions for violation of university policy. Additionally, untrue statements of fact that harm another’s reputation may be defamatory and may subject the individual making such statements to civil action by the person harmed by such statements.

Employees and students who choose to engage in blogs, chat rooms, discussion groups, Facebook, Twitter, bulletin boards or other forms of social media should do so with the understanding that they may inadvertently pose a threat to their own or others personal safety and personal privacy. Publishing personally identifiable content (i.e., photos, addresses, phone numbers, banking information, health information, etc.) can lead to identity theft, stalking and other potentially dangerous outcomes. Employees and students who engage in activities that compromise the privacy of others, or disclose or discuss confidential or proprietary information, are violating institutional policy and will be subject to appropriate sanctions.

Bentley reminds students and employees who are acting in their individual capacity of their obligation to clearly state that opinions expressed are their own and not those of Bentley University.

Policy Violations

Those who violate policies on individual access, hacking, commercial use, permission to record, file sharing or social media may incur temporary or permanent loss of technology-related privileges, fines, assignment of financial responsibility, discipline up to and including immediate termination of employment, expulsion as a student, and legal action. For contractors and other external vendors, sanctions may include immediate dismissal, termination of contract and legal action.

Information Privacy

Keeping information secure and private are top priorities for Bentley. To this end, Bentley attaches a formal privacy statement to the bottom of its website. Please see the Bentley University Information Privacy Statement for details on the data that are collected through the university's official websites. This privacy statement applies to the www.bentley.edu domain and administrative applications used for e-commerce linked to www.bentley.edu. It does not apply to internal and/or external websites that might be linked to or from this domain. 

Websites created by individuals using Bentley resources may not collect personal information from visitors without abiding by and linking to Bentley's information privacy statement. In addition, individuals may not post images of any member(s) of the Bentley community, or provide personal information about them, without their prior written permission. Websites that violate the policy may be removed without advance warning. Federal, state and local laws, regulations, and judicial decisions may also apply in cases where a person's privacy is violated. 

Electronic Mail Policy

E-mail is the communication medium of choice for the Bentley community and the official vehicle by which the members of the university communicate with each other. Students, faculty and staff are all expected to read e-mail regularly to glean the critical information that is routinely conveyed. 

Bentley provides electronic mail services to the campus community, at the university's expense, in support of academic and administrative pursuits. Incidental personal use is also permitted, so long as the use does not violate federal or state laws, or university policy. These guidelines apply to electronic mail sent or stored on servers, on personal computers, on personal devices such as Blackberries or other smartphones, on PDA devices, and to all archived and backup e-mail files and folders created using Bentley technology resources, regardless of where they reside. The university reserves the right to change these policies at any time as may be reasonable under the circumstance. To view Bentley’s full Electronic Mail Policy, please visit here.

Use of Institutional Information

Information technology and data constitute valuable Bentley assets. In order to protect the security, confidentiality and integrity of Bentley data from unauthorized access, modification, disclosure, transmission or destruction, as well as to comply with applicable state and federal laws and regulations, all Bentley data are now classified within security levels, with requirements on the usage of data at different levels. View the full data classification policy. In addition, any employee or contractor that handles credit card information is subject to Bentley’s PCI Policy; employees or contractors that process certain types of financial information are also bound by Bentley’s Gramm-Leach-Bliley Policy.

Remote Access

In an effort to keep sensitive data secure, while also understanding that our changing culture requires work to be performed remotely, Bentley employs Virtual Private Network (VPN) software to enable faculty, staff and a limited number of contractors to access certain technology resources remotely with appropriate approval. Faculty and staff are responsible for protecting confidential data and therefore should not downloaded confidential data to laptop computers or portable storage devices. VPN allows faculty and staff members to work with confidential data in a secure manner. To view Bentley’s Remote Access policy, visit here.

Cell Phone and PDA Policy

Increasingly, employees are using cellular technology as a means of sending and receiving Bentley e-mail, synchronizing calendars and contacts, transmitting text messages and connecting to the Internet. Bentley standardized on the Blackberry Enterprise Server (internal BES) for employee sponsored phones.  However, we recognize that some employees, although not required to carry a cell phone as part of their position responsibilities, would still like to connect personal devices to Bentley’s Blackberry Enterprise Server or Bentley’s Active Sync Server.  Bentley employs technology to allow this, but requires employees to comply with Bentley’s Cell Phone and PDA Policy located here.

Promotional Photographs for Bentley University

Bentley reserves the right to take photos on the Bentley campus and Bentley public events and use those photos on the web and in print publications. For additional information on our website privacy, please visit here.